What’s wrong with this code? OMG!!!

I decided to refactor and finish a very old project of mine, initially coded in x86 assembly. This time it was in C. It has been a while since the last time I worked on it, and after refactoring most of it I did a few tests and guess what… I got a segmentation fault. For one hour I was digging through asm code (DDD power with this ugly AT&T asm syntax) and of course C code (again with DDD ;) ). I was searching for a tiny little mistake hidden somewhere. Can you find the “little” mistake here? I am so ashamed of not finding such a stupid mistake. It actually came from the old code, where it seems I just left some refactoring in the middle of it and forgot to actually finish it :P


uint32_t plGetPeInfo(pl_file *plFile, pl_peinfo *PeInfo, pl_pointers *Pointers)
{
	char *mz;
	char *peHeader;
	IMAGE_NT_HEADERS* pe;

	mz = plFile->buffer;
	peHeader = &mz[ read_int32( &mz[0x3c] ) ];

	if (plCheckPe (plFile) == PL_ERROR) {
		return PL_ERROR;
	}

	unpack_struct( "iiIIIiiiccIIIII", &peHeader[4],
		       (char*) &pe->FileHeader.Machine,
		       (char*) &pe->FileHeader.NumberOfSections,
		       (char*) &pe->FileHeader.TimeDateStamp,
		       (char*) &pe->FileHeader.PointerToSymbolTable,
		       (char*) &pe->FileHeader.NumberOfSymbols,
		       (char*) &pe->FileHeader.SizeOfOptionalHeader,
		       (char*) &pe->FileHeader.Characteristics,
		       (char*) &pe->OptionalHeader.Magic,
		       (char*) &pe->OptionalHeader.MajorLinkerVersion,
		       (char*) &pe->OptionalHeader.MinorLinkerVersion,
		       (char*) &pe->OptionalHeader.SizeOfCode,
		       (char*) &pe->OptionalHeader.SizeOfInitializedData,
		       (char*) &pe->OptionalHeader.SizeOfUninitializedData,
		       (char*) &pe->OptionalHeader.AddressOfEntryPoint,
		       (char*) &pe->OptionalHeader.BaseOfCode
		       );

	unpack_struct( "IIIIiiiiiiIII", &peHeader[0x30],
		       (char*) &pe->OptionalHeader.BaseOfData,
		       (char*) &pe->OptionalHeader.ImageBase,
		       (char*) &pe->OptionalHeader.SectionAlignment,
		       (char*) &pe->OptionalHeader.FileAlignment,
		       (char*) &pe->OptionalHeader.MajorOperatingSystemVersion,
		       (char*) &pe->OptionalHeader.MinorOperatingSystemVersion,
		       (char*) &pe->OptionalHeader.MajorImageVersion,
		       (char*) &pe->OptionalHeader.MinorImageVersion,
		       (char*) &pe->OptionalHeader.MajorSubsystemVersion,
		       (char*) &pe->OptionalHeader.MinorSubsystemVersion,
		       (char*) &pe->OptionalHeader.Reserved1,
		       (char*) &pe->OptionalHeader.SizeOfImage,
		       (char*) &pe->OptionalHeader.SizeOfHeaders
		       );

	unpack_struct( "IiiIIIIII", &peHeader[0x58],
		       (char*) &pe->OptionalHeader.CheckSum,
		       (char*) &pe->OptionalHeader.Subsystem,
		       (char*) &pe->OptionalHeader.DllCharacteristics,
		       (char*) &pe->OptionalHeader.SizeOfStackReserve,
		       (char*) &pe->OptionalHeader.SizeOfStackCommit,
		       (char*) &pe->OptionalHeader.SizeOfHeapReserve,
		       (char*) &pe->OptionalHeader.SizeOfHeapCommit,
		       (char*) &pe->OptionalHeader.LoaderFlags,
		       (char*) &pe->OptionalHeader.NumberOfRvaAndSizes
		       );

	if(PeInfo != NULL) {
		PeInfo->EntryPoint = pe->OptionalHeader.AddressOfEntryPoint;
		PeInfo->ImageBase = pe->OptionalHeader.ImageBase;
		PeInfo->SizeOfImage = pe->OptionalHeader.SizeOfImage;
		PeInfo->SizeOfHeaders = pe->OptionalHeader.SizeOfHeaders;
		PeInfo->FileAlignment = pe->OptionalHeader.FileAlignment;
		PeInfo->SizeOfCode = pe->OptionalHeader.SizeOfCode;
		PeInfo->CheckSum = pe->OptionalHeader.CheckSum;
		PeInfo->SectionAlignment = pe->OptionalHeader.SectionAlignment;
		PeInfo->NumberOfSections = pe->FileHeader.NumberOfSections;
	}

	if (Pointers != NULL) {
		Pointers->MZHeader = mz;
		Pointers->PeHeader = peHeader;
		Pointers->SectionsStart = &Pointers->PeHeader[0xf8];
		Pointers->OptionalHeader = &Pointers->PeHeader[0x18];
		Pointers->DirectoriesStart = &Pointers->PeHeader[0x78];
	}

	return PL_SUCCESS;
}
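For comparison, here is a corrected shape of the same routine, added as an example; it is not the project's code. The pl_* types, unpack_struct and plCheckPe are replaced by minimal stand-ins, and the PL_SUCCESS/PL_ERROR values are assumed. Besides making pe a real object instead of an uninitialized pointer, it treats e_lfanew as untrusted input: the page's version computes peHeader from it with no buffer length to check against, so a truncated or malformed file sends the reads outside the buffer just as surely as the missing initialization sends the writes to a garbage address.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Minimal stand-ins for the fields the page's plGetPeInfo copies out. These are NOT
   the project's pl_* types nor <windows.h>; they hold only what this example parses. */
typedef struct {
    uint16_t Machine, NumberOfSections, SizeOfOptionalHeader;
} FileHeaderMin;
typedef struct {
    uint16_t Magic;
    uint32_t AddressOfEntryPoint, ImageBase, SizeOfImage;
} OptionalHeaderMin;
typedef struct { FileHeaderMin FileHeader; OptionalHeaderMin OptionalHeader; } NtHeadersMin;

enum { PL_SUCCESS = 0, PL_ERROR = 1 };     /* assumed values; the page does not show them */
#define PE32_NT_HEADERS_SIZE 0xF8          /* "PE\0\0"(4) + COFF header(20) + PE32 optional(0xE0) */

/* Little-endian accessors that depend on neither host endianness nor alignment. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }
static void wr32(uint8_t *p, uint32_t v) { wr16(p, (uint16_t)v); wr16(p + 2, (uint16_t)(v >> 16)); }

/* Parse the PE32 headers in buf[0..len). Two differences from the page's routine:
   `pe` is an object on the stack, not an uninitialized pointer, so the field writes
   land in memory we own; and the caller passes the buffer length, so e_lfanew
   (a value taken from the file) is checked before anything is read through it. */
uint32_t parse_pe_headers(const uint8_t *buf, size_t len, NtHeadersMin *out)
{
    NtHeadersMin pe;
    memset(&pe, 0, sizeof pe);

    if (len < 0x40 || buf[0] != 'M' || buf[1] != 'Z')
        return PL_ERROR;                       /* too short to even hold e_lfanew at 0x3c */
    uint32_t e_lfanew = rd32(buf + 0x3c);
    if (e_lfanew > len || len - e_lfanew < PE32_NT_HEADERS_SIZE)
        return PL_ERROR;                       /* NT headers would run past the buffer */
    const uint8_t *h = buf + e_lfanew;
    if (memcmp(h, "PE\0\0", 4) != 0)
        return PL_ERROR;

    pe.FileHeader.Machine              = rd16(h + 0x04);
    pe.FileHeader.NumberOfSections     = rd16(h + 0x06);
    pe.FileHeader.SizeOfOptionalHeader = rd16(h + 0x14);
    pe.OptionalHeader.Magic            = rd16(h + 0x18);
    if (pe.OptionalHeader.Magic != 0x10b)      /* PE32 only: the page's 0x30/0x58/0xf8 offsets assume it */
        return PL_ERROR;
    pe.OptionalHeader.AddressOfEntryPoint = rd32(h + 0x28);
    pe.OptionalHeader.ImageBase           = rd32(h + 0x34);
    pe.OptionalHeader.SizeOfImage         = rd32(h + 0x50);

    if (out != NULL)
        *out = pe;
    return PL_SUCCESS;
}

/* Constructed sample input: a bare MZ stub followed by PE32 headers at e_lfanew = 0x40. */
#define SAMPLE_LFANEW 0x40
#define SAMPLE_LEN    (SAMPLE_LFANEW + PE32_NT_HEADERS_SIZE)
void build_sample_pe(uint8_t *buf)
{
    memset(buf, 0, SAMPLE_LEN);
    buf[0] = 'M'; buf[1] = 'Z';
    wr32(buf + 0x3c, SAMPLE_LFANEW);
    uint8_t *h = buf + SAMPLE_LFANEW;
    memcpy(h, "PE\0\0", 4);
    wr16(h + 0x04, 0x014c);      /* IMAGE_FILE_MACHINE_I386 */
    wr16(h + 0x06, 3);           /* NumberOfSections */
    wr16(h + 0x14, 0xE0);        /* SizeOfOptionalHeader */
    wr16(h + 0x18, 0x10b);       /* PE32 magic */
    wr32(h + 0x28, 0x1000);      /* AddressOfEntryPoint */
    wr32(h + 0x34, 0x400000);    /* ImageBase */
    wr32(h + 0x50, 0x5000);      /* SizeOfImage */
}

/* Checks return a verdict so a harness can assert on it instead of reading stdout. */
int check_valid_sample(void)
{
    uint8_t buf[SAMPLE_LEN];
    NtHeadersMin nt;
    build_sample_pe(buf);
    if (parse_pe_headers(buf, sizeof buf, &nt) != PL_SUCCESS)
        return 0;
    return nt.FileHeader.NumberOfSections == 3 && nt.OptionalHeader.AddressOfEntryPoint == 0x1000 &&
           nt.OptionalHeader.ImageBase == 0x400000 && nt.OptionalHeader.SizeOfImage == 0x5000;
}

/* Malformed shapes: a buffer that ends at 0x60, and an e_lfanew far outside the buffer. */
int check_bad_input_rejected(void)
{
    uint8_t buf[SAMPLE_LEN];
    build_sample_pe(buf);
    int truncated_rejected = parse_pe_headers(buf, 0x60, NULL) == PL_ERROR;
    wr32(buf + 0x3c, 0xFFFFFF00u);
    int lfanew_rejected = parse_pe_headers(buf, sizeof buf, NULL) == PL_ERROR;
    return truncated_rejected && lfanew_rejected;
}
```

The offsets used here (0x18 for the optional header, 0x30 and 0x58 for the second and third unpack calls on the page, 0x78 for the data directories and 0xf8 for the section table) are all PE32 values; a PE32+ file has a 0xF0-byte optional header and would need the Magic check to select a different layout rather than silently reading the wrong fields.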
Published: Apr 21st, 2006 (Views: 8)
Categories: Coding
  • Yes. You are writing and reading in something (pe) that is a pointer and it is not initialized. It points to nothing. Actually you gave a strong hint saying that the result of running the program was "Segmentation fault" :-)
  • Basically everything is wrong.

    "IMAGE_NT_HEADERS* pe;" should not be a pointer to a structure, but an actual structure, and starting from that everything is wrong. :)
  • Some missing semicolons? :-)